From:             [EMAIL PROTECTED]
Operating system: Redhat Linux 6.2
PHP version:      4.0.4pl1
PHP Bug Type:     Apache related
Bug description:  PHP_AUTH_PW stores password when using External Authentication

Under Apache-1.3.14 w/ php4.0.4pl1 and using auth_ldap for external authentication to 
an ldap server, PHP_AUTH_PW stores the password of the user that authenticates 

This did not occur in earlier versions of php3 and php4 and creates a problem for 
websites that require external authentication before accessing and the services that 
are provided within the websites are run by different parties as this will result in 
other parties getting hold of the user's password.

php.ini used is similar to that which came with the php-4.0.4pl1 distribution and no 
settings that are changed is related to authentication.

php is compiled using the following parameters :-


Edit Bug report at:

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to